Friday, 25 November 2016

In Unix, how do I combine several text files into a single file?


To combine several text files into a single file in Unix, use the cat command:
  cat file1 file2 file3 > newfile

Replace file1, file2, and file3 with the names of the files you wish to combine, in the order you want them to appear in the combined document. Replace newfile with a name for your newly combined single file.

If you want to add one or more files to an existing document, use the format:
  cat file1 file2 file3 >> destfile

This command will add file1, file2, and file3 (in that order) to the end of destfile.


Note: If you use > instead of >>, you will overwrite destfile rather than add to it

ESXi 5.1 Host Log Files



Logs for an ESXi 5.1 host are grouped according to the source component:
/var/log/auth.log: ESXi Shell authentication success and failure.

/var/log/dhclient.log: DHCP client service, including discovery, address lease requests and renewals.

/var/log/esxupdate.log: ESXi patch and update installation logs.

/var/log/lacp.log: Link Aggregation Control Protocol logs.

/var/log/hostd.log: Host management service logs, including virtual machine and host Task and Events, communication with the vSphere Client and vCenter Server vpxa agent, and SDK connections.

/var/log/hostd-probe.log: Host management service responsiveness checker.

/var/log/rhttpproxy.log: HTTP connections proxied on behalf of other ESXi host webservices.

/var/log/shell.log: ESXi Shell usage logs, including enable/disable and every command entered. For more information, seevSphere 5.5 Command-Line Documentation and Auditing ESXi Shell logins and commands in ESXi 5.x (2004810).

/var/log/sysboot.log: Early VMkernel startup and module loading.

/var/log/boot.gz: A compressed file that contains boot log information and can be read using zcat /var/log/boot.gz|more.

/var/log/syslog.log: Management service initialization, watchdogs, scheduled tasks and DCUI use.

/var/log/usb.log: USB device arbitration events, such as discovery and pass-through to virtual machines.

/var/log/vobd.log: VMkernel Observation events, similar to vob.component.event.

/var/log/vmkernel.log: Core VMkernel logs, including device discovery, storage and networking device and driver events, and virtual machine startup.

/var/log/vmkwarning.log: A summary of Warning and Alert log messages excerpted from the VMkernel logs.

/var/log/vmksummary.log: A summary of ESXi host startup and shutdown, and an hourly heartbeat with uptime, number of virtual machines running, and service resource consumption. For more information, see Format of the ESXi 5.0 vmksummary log file (2004566).
/var/log/Xorg.log: Video acceleration.

Sharing files and folders with Linux guest OS in VMWare player

1.Install the VMWare Tool
First of all, you have to install the VMWare Tool for the guest OS to enable the shared folder in this OS. Click in Player menu > Manage, > Install VMWare Tools…. You may have do download the tool before the installation start.
Start install the vmware tools
Start install the vmware tools

2.After the compressed installation file has been mounted to the guest OS, copy it to another writable location e.g. the Desktop folder and decompress it. Now, open the Terminal and change the working directory to the new created folder, usually named vmware-tools-distrib.
Change the working directory to the new installation folder
Change the working directory to the new installation folder
3.Execute the vmware-install.pl with super user privilege and accept all default value. It will automatically execute the vmware-config-tools.pl at the end of the installation. If your Linux does not have gcc and make, you have to install these package and re-run the wmware-config-tool.pl again by simply enter sudo vmware-config-tools.pl.

Config the Shared Folder in VMWare player.

1.Now, we have to VMWare tools in the guest Linux OS. We should open the virtual machine settings by click Player menu > Manage > Virtual Machine Settings. In the new dialog, choose the Options tab and enable the Shared Folder option.
Enable Share Folder in the virtual machine
Enable Share Folder in the virtual machine
2.Click the Add… button at the bottom, follow the wizard to choose a folder in the host OS and the name of shared folder in the guest OS. In the Linux guest OS, our shared folder will be mounted in the /mnt/hgfs/.

3.You can make a soft link (shortcut) to the Desktop to used this folder more easily 
when working in the Linux OS by entering this command in the terminal:
$> ln -s /mnt/hgfs/shared-name ~/Desktop/shared-name

4.Now you can access the shared files and folder from you Desktop folder. The modifications in this shared folder is two-way affected by default. 

5.If you do not want the guest users write or change this shared folder content, in the previous wizard click the read-only option, you can change this option any time in the virtual machine settings screen, too.

What is snapshot and how it works

What is a snapshot?

A snapshot preserves the state and data of a virtual machine at a specific point in time.
  • The state includes the virtual machine’s power state (for example, powered-on, powered-off, suspended).
  • The data includes all of the files that make up the virtual machine. This includes disks, memory, and other devices, such as virtual network interface cards.
A virtual machine provides several operations for creating and managing snapshots and snapshot chains. These operations let you create snapshots, revert to any snapshot in the chain, and remove snapshots. You can create extensive snapshot trees.


Creating a snapshot

When creating a snapshot, there are several options you can specify:
  • Name: This is used to identify the snapshot.
  • Description: This is used to describe the snapshot.
  • Memory: If the <memory> flag is 1 or true, a dump of the internal state of the virtual machine is included in the snapshot. Memory snapshots take longer to create, but allow reversion to a running virtual machine state as it was when the snapshot was taken. This option is selected by default. If this option is not selected, and quiescing is not selected, the snapshot will create files which are crash-consistent, which you can use to reboot the virtual machine.
  • Quiesce: If the <quiesce> flag is 1 or true, and the virtual machine is powered on when the snapshot is taken, VMware Tools is used to quiesce the file system in the virtual machine. Quiescing a file system is a process of bringing the on-disk data of a physical or virtual computer into a state suitable for backups. This process might include such operations as flushing dirty buffers from the operating system's in-memory cache to disk, or other higher-level application-specific tasks.

    Note: Quiescing indicates pausing or altering the state of running processes on a computer, particularly those that might modify information stored on disk during a backup, to guarantee a consistent and usable backup. Quiescing is not necessary for memory snapshots; it is used primarily for backups.
When a snapshot is created, it is comprised of these files:
  • <vm>-<number>.vmdk and <vm>-<number>-delta.vmdk
    A collection of .vmdk and -delta.vmdk files for each virtual disk is connected to the virtual machine at the time of the snapshot. These files can be referred to as child disks, redo logs, or delta links. These child disks can later be considered parent disks for future child disks. From the original parent disk, each child constitutes a redo log pointing back from the present state of the virtual disk, one step at a time, to the original.

    Note:
    • The <number> value may not be consistent across all child disks from the same snapshot. The file names are chosen based on filename availability.
    • If the virtual disk is larger than 2TB in size, the redo log file is of  <vm>-<number>-sesparse.vmdk format.
  • <vm>.vmsd
    The .vmsd file is a database of the virtual machine's snapshot information and the primary source of information for the Snapshot Manager. The file contains line entries which define the relationships between snapshots as well as the child disks for each snapshot.
  • <vm>Snapshot<number>.vmsn
    The .vmsn file includes the current configuration and optionally the active state of the virtual machine. Capturing the memory state of the virtual machine lets you revert to a turned on virtual machine state. With nonmemory snapshots, you can only revert to a turned off virtual machine state. Memory snapshots take longer to create than nonmemory snapshots. 

What products use the snapshot feature?

In addition to being able to use Snapshot Manager to create snapshots, snapshots are used by many VMware and third-party products and features. Some VMware products that use snapshots extensively are:
  • VMware Data Recovery
  • VMware Lab Manager
  • VMware vCenter and the VMware Infrastructure Client (Snapshot Manager, Storage vMotion)
Note: This is not an exhaustive list.

How do snapshots work?

Our VMware API allows VMware and third-party products to perform operations with virtual machines and their snapshots. This is a list of common operations that can be performed on virtual machines and snapshots using our API:
  • CreateSnapshot: Creates a new snapshot of a virtual machine. As a side effect, this updates the current snapshot.
  • RemoveSnapshot: Removes a snapshot and deletes any associated storage.
  • RemoveAllSnapshots: Remove all snapshots associated with a virtual machine. If a virtual machine does not have any snapshots, then this operation simply returns successfully.
  • RevertToSnapshot: Changes the execution state of a virtual machine to the state of this snapshot. This is equivalent to the Go To option under the Snapshot Manager while using vSphere/VI client GUI.
  • Consolidate: Merges the hierarchy of redo logs. This is available in vSphere 5.0 and later.
This is a high-level overview of how to create, remove, or revert snapshot requests that are processed within the VMware environment:
  1. A request to create, remove, or revert a snapshot for a virtual machine is sent from the client to the server using the VMware API.
  2. The request is forwarded to the VMware ESX host that is currently hosting the virtual machine that has issue.

    Note: This only occurs if the original request was sent to a different server, such as vCenter, which is managing the ESX host.
  3. If the snapshot includes the memory option, the ESX host writes the memory of the virtual machine to disk.
  4. If the snapshot includes the quiesce option, the ESX host requests the guest operating system to quiesce the disks via VMware Tools.
  5. The ESX host makes the appropriate changes to the virtual machine's snapshot database (.vmsd file) and the changes are reflected in the Snapshot Manager of the virtual machine.
  6. The ESX host calls a function similar to the Virtual Disk API functions to make changes to the child disks (-delta.vmdk and .vmdkfiles) and the disk chain.

The child disk

The child disk, which is created with a snapshot, is a sparse disk. Sparse disks employ the copy-on-write (COW) mechanism, in which the virtual disk contains no data in places, until copied there by a write. This optimization saves storage space. The grain is the unit of measure in which the sparse disk uses the copy-on-write mechanism. Each grain is a block of sectors containing virtual disk data. The default size is 128 sectors or 64 KB.
 
Note: The sparse disk is usually created as a VMFSSPARSE type. Starting with vSphere 5.5, for any vmdk of 2TB or larger, the sparse disk is of type SESPARSE.

Child disks and disk usage

It is important to note these points regarding the space utilization of child disks:
  • If a virtual machine is running off of a snapshot, it is making changes to a child or sparse disk. The more write operations made to this disk, the larger it grows, to an upper limit of the size of the base disk plus a small amount of overhead.
  • The space requirements of the child disk are in addition to the parent disk on which it depends. If a virtual machine has a 10 GB disk with a child disk, the space used can be 10 GB + the child disk size + .vmsn file size + overhead.
  • Child disks are known to grow large enough to fill an entire datastore, but this is because the LUN containing the datastore was insufficiently large to contain the base disk, the number of snapshots created, and the overhead and .vmsn files created.
  • The speed at which child disks grow is directly dependent on the amount of I/O being done to the disk.
  • The size of the child disk has a direct impact on the length of time it takes to delete the snapshot associated to the child disk.

The disk chain

Generally, when you create a snapshot for the first time, the first child disk is created from the parent disk. Successive snapshots generate new child disks from the last child disk on the chain. The relationship can change if you have multiple branches in the snapshot chain.
This diagram is an example of a snapshot chain. Each square represents a block of data or a grain as described in the preceding section:
 
Caution: Manually manipulating the individual child disks or any of the snapshot configuration files may compromise the disk chain. VMware does not recommend manually modifying the disk chain as it may result in data loss.

Reset IBM DS3524 / DS3512 RAID Manager Password


We have to use the below process to reset the password of IBM DS Storage array and to login to IBM DS storage array manager without password.
----------
"
Reset IBM DS3524 / DS3512 RAID Manager Password

Telnet to both controllers IP-addresses (or use serial console via 4pin mini DIN plug in top left corner of both controllers), and type below once you get login prompt.

VxWorks login: shellUsr
Password: wy3oo&w4 (not shown as you enter it)

-> loadDebug
value = 1 = 0x1
-> setSAPassword_MT ""
ReturnCode = 0x1
value = 1 = 0x1
-> unld "Debug"
value = 0 = 0x0
-> exit
This removes the password, so you can configure through the DS Storage Manager without entering a password. Log on to controller B and follow the same steps.

No need to reboot, it should work immediately.

Grep options


SYNTAX

The syntax for the grep command is:
grep [options] pattern [files]

OPTIONS

OptionDescription
-b Display the block number at the beginning of each line.
-c Display the number of matched lines.
-h Display the matched lines, but do not display the filenames.
-i Ignore case sensitivity.
-l Display the filenames, but do not display the matched lines.
-n Display the matched lines and their line numbers.
-s Silent mode.
-v Display all lines that do NOT match.
-w Match whole word.

Explaning Vmstat output


   Procs
       r: The number of processes waiting for run time.
       b: The number of processes in uninterruptible sleep.


   Memory
       swpd: the amount of virtual memory used.
       free: the amount of idle memory.
       buff: the amount of memory used as buffers.
       cache: the amount of memory used as cache.
       inact: the amount of inactive memory. (-a option)
       active: the amount of active memory. (-a option)


   Swap
       si: Amount of memory swapped in from disk (/s).
       so: Amount of memory swapped to disk (/s).


   IO
       bi: Blocks received from a block device (blocks/s).
       bo: Blocks sent to a block device (blocks/s).


   System
       in: The number of interrupts per second, including the clock.
       cs: The number of context switches per second.

   CPU
       These are percentages of total CPU time.
       us: Time spent running non-kernel code. (user time, including nice time)
       sy: Time spent running kernel code. (system time)
       id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
       wa: Time spent waiting for IO. Prior to Linux 2.5.41, shown as zero.






FIELD DESCRIPTION FOR DISK MODE

   Reads
       total: Total reads completed successfully
       merged: grouped reads (resulting in one I/O)
       sectors: Sectors read successfully
       ms: milliseconds spent reading


   Writes
       total: Total writes completed successfully
       merged: grouped writes (resulting in one I/O)
       sectors: Sectors written successfully
       ms: milliseconds spent writing


   IO
       cur: I/O in progress
       s: seconds spent for I/O






FIELD DESCRIPTION FOR DISK PARTITION MODE

       reads: Total number of reads issued to this partition
       read sectors: Total read sectors for partition
       writes : Total number of writes issued to this partition
       requested writes: Total number of write requests made for partition







FIELD DESCRIPTION FOR SLAB MODE

       cache: Cache name
       num: Number of currently active objects
       total: Total number of available objects
       size: Size of each object
       pages: Number of pages with at least one active object
       totpages: Total number of allocated pages
       pslab: Number of pages per slab

VMFS vs RDM


VMware virtual machines comprise a set of files in typically one of two given formats: virtual machine file system (VMFS) or raw device mapping (RDM).
 
Both formats enable you to access the virtual machine's disk (VMDK), but they differ in approach to storage, and VMware recommends VMFS for the vast majority of VMs.
 
With RDM, VMDK files are only pointers to a VM's disk data, while on VMFS the files also hold the data. VMFS holds disk data from multiple VMs; RDM does not.

VMFS was designed specifically to support virtualization. While RDM is sometimes recommended for I/O-intensive operations, VMware studies show that the performance difference found in VMFS versus RDM formats is negligible.

With VMFS, a storage volume can support one or many VMs. This volume can change without affecting network operations. By sharing storage volumes, VMs are easier to manage and resource utilization remains high. 
 
Various ESXi servers can read and write to the file system at once, because it stores information at the block level.

With RDM, the VM directly connects to the storage area network (SAN) via a dedicated storage logical unit number (LUN). 
 
The total number of LUNs visible to an ESXi host is capped at256, with the same LUNs visible across a whole cluster of up to32 ESXi servers. RDM is recommended in a few specific situations, such as when a virtual machine is SAN-aware.


VMFS holds disk data from multiple VMs; RDM does not.

Create a Windows Server 2012 iSCSI Target Server

In my Lab I don’t have a good storage which I can use for my Hyper-V Clusters. But with Windows Server 2012 Microsoft added a lot of new storage features and included a iSCSI Target Server. With the new Storage Pooling / Storage Spaces features this allows me to use a Windows Server as a great storage replacement.
This offers features like:
  • Thin provisioning
  • Data Deduplication
  • Disk aggregation
  • Storage Spaces
  • and a lot more

Overview

  • We will aggregate physical disks to a Storage Pool
  • On this Storage Pool we will create a Virtual Disk. Here we have to option to use Data Deduplication, Thin provisioning, Reliability options (Simple, Mirror, Parity), etc.
  • On the Virtual Disk we will create a NTFS volume
  • On this Volume we will create iSCSI Virtual Disks (LUNs)
Storage Overview

Hardware

I am using a Windows Server with 3 network ports. The first is used for Management and the others are used for iSCSI traffic.
In my Case I have a disk which I use for the Operating System and 4 disk which I use as Storage Pool.

Add Roles and Features

  1. Add the File Service Role ISCSI Target Server. I also added the Data Deduplication role.
    image
  2. Add the iSCSI Target Storage Provider (VDS and VSS hardware providers). They enable ISCSI target and disk management by using the Virtual Disk Service (VDS) hardware provider, and enable Microsoft Volume Shadow Copy Services (VSS) snapshot creation and management by using the VSS hardware provider.
    image
  3. This takes a short moment to complete
    image

Configure Storage Pools and Storage Spaces

  1. First create a New Storage Pool (This can be done by using the Server Manager or Windows PowerShell.
    image
  2. Choose name for your Storage Pool
    image
  3. Choose the disks which should be in this new storage pool. In my case I only see one right volume. But you could also add simple disks via JBOD, which is great to save money and be fexible.
    image
  4. Create the Storage Pool
    image

Create a Virtual Disk on the Storage Pool

  1. Open the New Virtual Disk Wizard.
  2. Choose the storage pool you want to place the Virtual Disk on.
    image
  3. Enter a name fo the new virtual disk. I will use the name “iSCSI Volumes” because I will later add iSCSI volumes on this virtual disk volume.
    image
  4. Now choose the storage layout. Because I use a RAID 5 array on my physical raid controller I choose “Simple”. When you are adding disk JBOD style, you can use Mirror or Parity to get reliability.
    image
  5. Choose a Provisioning type. I use Thin so I can create a virtual disk up to 64TB without having the capacity at the moment. I still can only use the disk capacity I have at the moment, but I can add disks to the storage pool later without having to change the Virtual Disksize.
    image
  6. Now specify the size of the virtual disk. If you have chosen the Provisioning type to be “Fixed” you cannot create a virtual disk bigger than your free space.
    image
  7. wait for the virtual disk to be created
    image

Create a Volume

  1. Now you have to create a volume on this Virtual Disk.
  2. Choose the Virtual Disk
    1. image
  3. Choose the options how you want to use the volume
    image
  4. Now you can see a new volume
    image

Create a new iSCSI Virtual Disk and a new iSCSI Target

  1. Launch the New Virtual Disk wizard
    image
  2. Choose the volume where the iSCSI Virtual Disk should be created. In my case I choose the Volume which I created on my storage pool.
    image
  3. Choose a name for the iSCSI Virtual Disk
    image
  4. Specify the size of the iSCSI Virtual Disk
    image
  5. Create a new iSCSI Target
    image
  6. Specify a target name
    image
  7. Specify the iSCSI initiators (Access Server) which can access the ISCSI Virtual Disk. If this are Windows 8 or Windows Server 8 machines you can do a directory search.
    image
    image
  8. You can enable Authentication if you need
    image
  9. Now you can create the iSCSI Virtual Disk
    image
  10. Now you have a new iSCSI Virtual Disk on your Virtual Disk, which you have created on your Storage Pool, which is an aggregation of your physical disks Winking smile.
    image

Iscsi commands


1.discovery target (storage) from inititator(client)
iscsiadm --mode discoverydb --type sendtargets --portal 192.168.0.200 --discover

2.this will authenticate with target server and allow us to log-in into LUN.
# iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --login

3.Use the login command and replace login with logout at end of command.
# iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --logout

4.After login to the LUN, list the records of Node using.
# iscsiadm --mode node

5. Display all data of a particular node.
# iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260

How to Hack into Windows 7 PC w/out password. (Need Windows 7 CD)

If you find yourself forgetting your own password, or trying to get into someone else’s PC for White Hat purposes of course.
Follow these rules.
  1. Make sure to insert the Windows 7 installation CD
  2. Boot from CD. May have to press (F2, Del, or F12 to prompt boot order)
  3. If you press F8 you will see the screen below. Feel free to also just choose “Command Prompt” here as well
4. When you boot from the CD. Click on “Repair Windows” Attempt to boot from a system image. When you press cancel it will prompt the System  Recovery Options. Here you choose Command Prompt
5. Once in the D: directory. Type “cd system32” to specify the folder you want to go into
6. Then type “dir osk.exe” This is the file for the On-Screen Keyboard. (OSK.exe)
7. Type “dir cmd.exe” This is the file for the command prompt. Herein lies the trick
8. Re-name the osk file to osk.old like so. “ren osk.exe osk.exe.old” Press enter
9. Then we’re going to re-name the Command prompt (cmd.exe) to the On-Screen Keyboard (osk.exe) by typing “ren cmd.exe osk.exe”
10. Now Reboot the PC. Return to the Windows 7 login screen
11. You’ll notice a Ease of Access option in the lower left at the login screen
12. Click on it and Check off the “On-Screen Keyboard”
13. Once you do, the Command Prompt will appear.
14. Except this command prompt has “ADMINISTRATOR” rights. Type in “whoami” just for verification
15. You can change the password with these commands “net user (username) (password)”
16. Once changed, simply log in with the new password.
17. From this point on, everytime you log in Command Prompt will appear on the screen
18. Remember that we re-named the On-Screen Keyboard and Command Prompt. So if you want to run, “cmd” it will not work. You will have to type “osk” and Command Prompt will appear
19. HOWEVER. If a SECURITY PATH is run on the PC, it will remove command prompt all together and return the on-screen keyboard. The way to fix this is to locate the Win 7 CD, and copy the cmd file from the X: drive that appears, to the D: drive. Overwrite the file, and Command Prompt will go back to normal as cmd.exe
Command is “copy X:windowssystem32cmd.exe d:windowssystem32

Hack Any Windows 7/8/10 User Password Without Logging In

Warning: This resets your password, it does NOT tell you what your old password was, making things such as the windows password based encryptions unaccessible, as this isn't changing your password, so it will not update.

This exploit takes advantage of the ease of access tool on the login page by 'tricking' windows into launching a fully privileged command prompt by selecting 'on the screen keyboard' this is done by renaming the on the screen keyboard exe to something random, and renaming the cmd.exe to on the screens previous name. It will all make since later.

Step 1:Launch Any OS That Allow Full Access to the Windows Folders

In this case, I am going to be using Kali. Although you can use many different linux distros or even a windows disk/usb, as long as you can access the terminal/command prompt your good.

Step 2:Navigate to Sys32

I'm going to infer you know basic navigation and be able to navigate to the Windows partition.
In my case, im currently writing this on my laptop rather than my desktop, so my Windows is known as BOOTCAMP, as I am on a macbook with Windows dual booted.
Once you reach this location, cd to Windows, then to System32.

Step 3:Rename osk.exe to osk.exe.old

oks.exe is the name of the ease of access 'On screen keyboard' file. Rename this using whatever your systems rename command is, in Kali the command would be: mv osk.exe osk.exe.old

Step 4:Rename cmd.exe to osk.exe

Now I'm sure you see how this works, but ill explain it anyways. Basically, when you press 'on screen keyboard' in the ease of access terminal, Windows launched osk.exe, which normally is the on screen keyboard application. But we changed it to launch cmd instead. Like magic.
Command: <system rename command> cmd.exe osk.exe
Kali: mv cmd.exe osk.exe

Step 5:Launch Windows and Select 'on Screen Keyboard' in Ease of Access Menu

I found this picture off of the interwebs, but what you normally see should be something like this. After going through all the steps above, you should instead see a command prompt.
Sorry for crappy picture, couldn't find how to take screen shot on login menu.

Step 6:Resetting the Password

Now you can type in the magical command to change the password.
The Command: net user <USERNAME in quotes> <PASSWORD>
Example: net user "Admin" temppass

Step 7:Finished! You Can Login Now!

Viola, you can now login with whatever password you typed in. If you want to reset it simply go back to Kali and redo what you've done! Rename osk.exe to cmd.exe and rename osk.exe.old to osk.exe
Well that's it for my first post! I came across this exploit a while ago and found that it still works so I don't know how common this is or anything like that. Hopefully its not too popular and too many this article is something new! Well, Enjoy!